package com.bpr.webservice.controller.util;

import java.util.Collection;
import java.util.List;
import java.util.Properties;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;

import com.bpr.webservice.domain.Menuaccess;
import com.bpr.webservice.domain.Users;
import com.bpr.webservice.domain.dto.AuthPropertiesDto;
import com.bpr.webservice.repository.MenuRepository;
import com.bpr.webservice.repository.MenuaccessRepository;
import com.bpr.webservice.repository.UsersRepository;

public class OptionsFromDataBaseFilterInvocationSecurityMetadataSource
		implements FilterInvocationSecurityMetadataSource {

	// private static final Logger log =
	// LoggerFactory.getLogger(OptionsFromDataBaseFilterInvocationSecurityMetadataSource.class);
	private Properties urlProperties;
	@Autowired MenuaccessRepository menuaccessRepository;
	
	public OptionsFromDataBaseFilterInvocationSecurityMetadataSource() {
	}

	public Collection<ConfigAttribute> getAllConfigAttributes() {
		// TODO Auto-generated method stub
		return null;
	}

	public Collection<ConfigAttribute> getAttributes(Object filter)
			throws IllegalArgumentException {
		FilterInvocation filterInvocation = (FilterInvocation) filter;
		String url = filterInvocation.getRequestUrl();
		
		Properties props = new Properties();
		List<Menuaccess> auths = menuaccessRepository.findAll();
		
		for (Menuaccess dto : auths){
			props.put(dto.getMenuid().getLink(), dto.getUserid().getUsergroupid().getUsergroupname());
		}
		this.setUrlProperties(props);
		
		// get the roles for requested page from the property file
		String urlPropsValue = urlProperties.getProperty(url);
		StringBuilder rolesStringBuilder = new StringBuilder();
		if (urlPropsValue != null) {
			rolesStringBuilder.append(urlPropsValue).append(",");
		}

		if (!url.endsWith("/")) {
			int lastSlashIndex = url.lastIndexOf("/");
			url = url.substring(0, lastSlashIndex + 1);
		}

		String[] urlParts = url.split("/");

		StringBuilder urlBuilder = new StringBuilder();
		for (String urlPart : urlParts) {
			if (urlPart.trim().length() == 0) {
				continue;
			}
			urlBuilder.append("/").append(urlPart);
			urlPropsValue = urlProperties.getProperty(urlBuilder.toString()
					+ "/**");

			if (urlPropsValue != null) {
				rolesStringBuilder.append(urlPropsValue).append(",");
			}
		}

		if (rolesStringBuilder.toString().endsWith(",")) {
			rolesStringBuilder.deleteCharAt(rolesStringBuilder.length() - 1);
		}
				
		if (rolesStringBuilder.length() == 0) {
			return null;
		}

		List<ConfigAttribute> configs = SecurityConfig
				.createListFromCommaDelimitedString(rolesStringBuilder
						.toString());		
		
		return configs;
	}

	public boolean supports(Class<?> arg0) {
		// TODO Auto-generated method stub
		return true;
	}

	public Properties getUrlProperties() {
		return urlProperties;
	}

	public void setUrlProperties(Properties urlProperties) {
		this.urlProperties = urlProperties;
	}
	
	

}
